Definition

Duqu (W32.Duqu)

Duqu is a remote access Trojan (RAT) that steals data from computers it infects. Duqu has been targeted at industrial equipment manufacturers, illegally collecting information about the manufacturer’s systems and other proprietary data.

The Duqu Trojan contains some of the same source code used by the Stuxnet Trojan, which was designed to disrupt industrial processes. Duqu and Stuxnet use a similar kernel driver to decrypt and load encrypted dynamic load library (DLL) files, enabling the Trojan to inject itself into system processes.

Some security researchers believe that Duqu could be a precursor for attacks against supervisory control and data acquisition (SCADA) systems. SCADA systems are used in infrastructure services such as gas, electric, water and sewer. 

Duqu was discovered by the Laboratory of Cryptography and Systems Security (CrySys) at Budapest University.

This was last updated in November 2011

Continue Reading About Duqu (W32.Duqu)

Dig Deeper on Emerging Information Security Threats

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close